Protecting Customer Data During the Support Process

Over the past several years the importance of securing customer data has become a top priority for companies.  With laws such as General Data Protection Regulation (GDPR), the government can impose fines on organizations that misuse or expose customer data.  Attacks such as ransomware also have also highlighted the risk of doing business in todays connected business environment.

With new data protection requirements and security threats it’s important that support organizations understand their role in protecting their organizations from these risks.  As support is an external interface to customers and partners, it’s important to understand how to minimize risk associated with troubleshooting products in customers’ environments.

Partnering with your IT group

Protecting customer data is a corporate level responsibility that often managed by the organizations IT group.    While the IT group may have overall responsibility for securing the data, it is the support organization that is using and updating this information and often the source of breaches.

Partnering with the IT organization to define best practices and obtain certifications such as ISO 27001 is a great way to ensure the security of customer data.  ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS).   Using this standard enables organizations of any kind to manage the security of assets such as customer data, financial information, intellectual property, employee details or information entrusted by third parties.

Working with Partners – Multi Vendor Support

While obtaining ISO27001 is a great way to ensure the protection of customer data within your organization, working with Partners adds a challenge if the collaboration requires the exchange of customer information.   Vendors working with Partners on common customer issues should follow the best practices below:

  1. Ensure that the collaboration is supported by a legal agreement
  2. Ensure that the customer is aware of the collaboration and has authorized it
  3. Only share what is needed to solve the technical issue

TSANet provides the operational framework and best practices for Members to collaborate on customer issues by providing the following:

  1. A legal framework that supports collaboration on customer issues
  2. The ISO 27001 certified TSANet Connect platform for requesting collaboration between members
  3. A set of best practices integrated into the multi-vendor support processes